Strange Access Issue

Started by CardcaptorRLH85, January 11, 2022, 08:00:55 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 11, 2022, 08:00:55 AM
Right now I can only access the Web GUI and SSH for a few seconds right after booting my router (a Protectli FW2B running OPNsense 21.7).  After that, my internet connection runs fine on all of my devices and I can still ping the router but I can't access it at all.  I'm about to move it somewhere where I can plug it into a monitor and keyboard to see if I can get into it locally but, I'm not even sure what to look for to try and solve this issue.
January 12, 2022, 10:21:35 AM #1
I would suggest that you start by trying to answer the following questions:
(Q1) What is your network topology.  In particular, do you have any device (e.g. switch) between your Protectli and your PC?
(Q2) What do you mean when you say that "I can't access it at all"?

  • Access with ssh?
  • Access with browser http?
  • Access with browser https?
  • What exactly do you see?
(Q3) What version of Opnsense?  What browser? PC OS?
(Q4) Do you know how to use Wireshark?
January 14, 2022, 11:46:47 AM #2
A1) I've tried to access my Protectli while directly connected to it via ethernet from my laptop without success.  I did however get issued an IP address via DHCP so I know it's still responding.

A2) I mean no access.  Nothing via SSH, HTTP, or HTTPS.

Via SSH I see
Code Select
05:36:14.143 Started a new SSH session.
05:36:14.197 Connecting to SSH server 192.168.50.1:2222.
05:36:35.317 Connection failed. FlowSocketConnector: Failed to connect to target address. Windows error 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
05:36:35.522 The SSH session has been terminated.

In Chrome, I see
Code Select
ERR_CONNECTION_TIMED_OUT
In Firefox, I see
Code Select
The connection has timed out
(Edge, being Chromium-based, gives me the same error as Chrome.)

The strange thing about this issue is that for a few seconds just after boot, I'm able to connect normally using all the methods listed here.  This makes me think that some service is causing my issues.

A3) I'm running OPNsense 21.7, I've tried to access it using Chrome, Firefox, and Edge from Windows 11 and Firefox and Chrome from two different Android 11 devices.

A4) I do know how to use Wireshark however, I am (fortunately) able to access the OPNsense shell by connecting a monitor and keyboard to my Protectli device if that helps at all.
January 14, 2022, 12:34:20 PM #3
You seem to have ssh on a custom port. Nothing wrong with it, in fact encouraged but you need to validate the setup. I suspect it is either failing to start (misconfiguration), there are firewall rules stopping getting to it or something along those lines.
To troubleshoot you have little option but to look for clues in the UI: is it running? If yes, follow the firewall live logs to see your attempt is being blocked.
January 14, 2022, 10:36:12 PM #4 Last Edit: January 14, 2022, 11:33:19 PM by CardcaptorRLH85
Can I access the firewall rules via the shell? If so, what commands should I use to do so? As I said, I can access the shell with a monitor and keyboard I have connected to my router.

EDIT: I've figured out how to access the firewall logs via the shell but, they are scrolling so fast that I can't really read anything.

EDIT2: I was receiving an error in the shell igb1 drop mbuf that needs checksum offload so, I (during the few seconds of web GUI access before all services started) turned off hardware checksum offloading. Now everything works!
Print
Go Up Pages1
User actions